The LzUpdateDevCreds.ps1 PowerShell script is run on the Management Workstation to update a Developer's AWS Sandbox Account IAMUserCredsPolicy. This script is usually run after you have created or updated a local copy of IAMUserCredsPolicy.json in the LazyStackSettings folder. To create a local copy of the IAMUserCredsPolicy.json, just copy from LazyStackSMF\IAMUserCredsPolicy.json.
This policy grants the developer those permissions typically required to publish Serverless Stacks to their AWS Sandbox Account. Use the LzUpdateDevCreds.ps1 script to update the policy for an existing developer's account when you make changes to the local IAMUserCredsPolicy.json document.
The IAMUserCredsPolicy.json document applies the principle of least privileges to the developer account. Since the developer account is a "sandbox", the developer is allowed a wide range of privileges with restrictions primarily being applied to IAM permissions. It's a good idea to review the IAMUserCredsPolicy.json document and understand what permissions are being provided to each developer account.